/*
 * To change this template, choose Tools | Templates
 * and open the template in the editor.
 */
package com.myapp.struts;

import com.myapp.share.*;

import java.util.*;
import java.sql.*;
import java.util.Iterator;
import javax.sql.DataSource;
import javax.naming.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.struts.action.ActionForm;
import org.apache.struts.action.ActionForward;
import org.apache.struts.action.ActionMapping;

/**
 *
 * @author NeaghFoz
 */
public class LoginAction extends org.apache.struts.action.Action {

    private final static String STUDENT = "student";
    private final static String TEACHER = "teacher";
    private final static String ASSISTANT = "assistant";
    private final static String ADMINISTRATOR = "administrator";
    private final static String FAILURE = "failure";

    public ActionForward execute(ActionMapping mapping, ActionForm form,
            HttpServletRequest request, HttpServletResponse response)
            throws Exception {

        // extract user data
        LoginForm formBean = (LoginForm) form;
        String password = "";
        String permission = "";
        String name = "";
        //connect datasource
        InitialContext initCtx = new InitialContext();
        DataSource ds = (DataSource) initCtx.lookup("java:/comp/env/jdbc/connectionPool");
        //Connection conn = ds.getConnection();
        //Statement stmt = conn.createStatement();
        String sql = "select UserPwd from userinfo where UserID=" + "'" + formBean.getUserID() + "'";
        String sql1 = "select UserPermission from userinfo where UserID=" + "'" + formBean.getUserID() + "'";
        String sql2 = "select UserName from userinfo where UserID=" + "'" + formBean.getUserID() + "'";
        // ResultSet rs = stmt.executeQuery(sql);
        DBConnect loginDB = new DBConnect();
        ArrayList rslist = loginDB.executeQuery(ds, sql);
        ArrayList rslist1 = loginDB.executeQuery(ds, sql1);
        ArrayList rslist2 = loginDB.executeQuery(ds, sql2);
        ArrayList temp = (ArrayList) rslist.get(0);
        ArrayList temp1 = (ArrayList) rslist1.get(0);
        ArrayList temp2 = (ArrayList) rslist2.get(0);
        password = (String) temp.get(0);
        permission = (String) temp1.get(0);
        name = (String) temp2.get(0);
        formBean.setUserName(name);
        formBean.setUserPermission(permission);


        /*while (rs.next()) {
        password = rs.getString("UserPassword");
        }
        rs.close();
        stmt.close();
        conn.close();
         */
        // perform validation
        if (password.equals(formBean.getUserPwd()) && formBean.getUserID() != "") {
            if (permission.equals("student")) {
                return mapping.findForward(STUDENT);
            } else if (permission.equals("teacher")) {
                return mapping.findForward(TEACHER);
            } else if (permission.equals("assistant")) {
                return mapping.findForward(ASSISTANT);
            } else {
                return mapping.findForward(ADMINISTRATOR);
            }
        } else {
            formBean.setError();
            return mapping.findForward(FAILURE);
        }


    }
}
